Tcp flood

Hi,

today from 15.10 to 16.10 I received more than 15600 calls from the same IP. The Windows 2012 server already has a function against SYN ATTACK and TCP FLOOD, and I see it on the tcp-rst-from-server log monitor, but they are very small compared to

Session Token Extend resource

We are on Version 22.06.197 of the Prisma Cloud. I want to know if there is a resource for session token extension or if there is a workaround other than re-initiating the request for a new token.

The resource for the Authenticate Client I have been

Potential false positive AV for MS VisualStudio update

Running into a weird problem with VisualStudio update package being detected as a generic virus after recent update to Threat databases. But I can download the indicated file itself just fine. Anybody know what's going on here? Current AV database 41

False positive - Atlassian Confluence Remote Code Execution Vulnerability 92632

Threat ID 92632 was added late 6/3 for the new Atlassian 0-day exploit. All morning we have been seeing false positives on the new signature. Anyone else seeing the same? 

Seems to be alerting to the inclusion of javascript ad code across multiple we

Moving from RSA to ECDSA

Hi, we are using some RSA certs and due to a vulnerability we need to swap them for ECDSA. Our usual cert provider doesn't offer ECDSA. Could someone suggest the best way to obtain this please? I wasn't sure if OpenSSL was a valid option? Thanks, Joh

panos-cve-2020-2039

how to fix vulnerabilities in palo alto

More PA region incorrect results

Seems like the region database was updated and has broken US addresses again.. Trying to check a site URL against the PA database at https://urlfiltering.paloaltonetworks.com/ and unable to get there from my corporate network... urlfiltering.paloalto

Name: Suspicious Abnormal RPC Request Found (Unique Threat ID: 38713)

How can I resolve this kind of alert on our internal network? 

The source is our Manage Switch and the destination is our MPLS. 

The alert source comes from the PAN NGFW.

Thank you in advance for your response.

I hope you can help me to strengthen my an

Wildfire reports refuse to connect

Hi Team, 

We are facing an error in wildfire reports after updagrade to 10.0.8h4 . it says wildfire reports refuse to connect.

Please suggest any solution  to check but if i updgrade to 10.1.3 it is working fine in mylab.

Regards

Chetan

Is the Applications and Threats Content updated about CVE-2022-26134 (Remote Code Execution Vulnerability in Atlassian Confluence)?

hello.
I would like to know whether information about the recently announced vulnerability, CVE-2022-26134 (remote code execution vulnerability in Atlassian Confluence), is reflected in Applications and Threats Content.

I have read all the available re

how to verify about bad domains and hashes

I have to block some of DNSs and Hashes since all are addressed as suspicious sources, so I want to know does our DNS security already blocked them or not